If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Secure Coding During Agile Development?

I would like to ask the group for thoughts/experience with secure coding aspects while performing agile development. Within this context, secure coding is a part of software assurance that focuses on secure methods versus quality/performance (which I understand are not mutually exclusive from secure aspects). Typical agile development focuses on achieving a certain number of fully operational capabilities within the defined short development sprint. Secure coding is not necessarily a defined single capability, but rather a set of design/coding principles interwoven throughout development. Adding in agile development "secure coding" capabilities (recursive on previously developed capabilities) would appear to be bolt-on security versus baked-in security. Does the group have any thoughts or advice on this?